I remember last year as I began to search for information regarding the CEH certification, I stumbled upon this site. And I'm glad I did. The EH-NET community contributed information that I later use to help me pass the exam and I will try to summarize it here.

I'm a type of guy that likes to read books and study for a cert on my own pace, so that's why I prefer the via self-study approach as opposed to boot camps. First, because my current employer won't pay for it and I don't have the financial means for paying a full blown course. Second, I learn and retain information better if I study on my own.

So I went ahead and registered to this site. I began to read articles about the subject and also posted questions to the forum in which responses were immediately received. The following links will direct you to the CEH topic forums that helped me with my study:

I started to study last September by reading the first book (Gray Hat Hacking : The Ethical Hacker's Handbook). This book is a little advance and it talks about vulnerability tools, advance port scanners, programming survival skills and buffer overflow. I began reading this book because I was fascinated with exploit coding, source code analysis and the like, and because I already had 2 years experience under my belt in the security field. If you lack the knowledge of hacking methodology, buffer overflows and pertinent tools then I suggest that you read this book last after reading the other books that I will now mention.

My second book (Counter Hack Reloaded by Ed Skoudis). Awesome book on step-by-step hacking and countermeasure. Ed illustrates and explains clearly on how to ethically hack systems and network in a methodical fashion. If you really want to learn on how to conduct a penetration test and how to defend your network, this is the book. It gives you a clear picture on the methodology that the hacker use to compromise your network.

The other two books that I will now list is mainly focus on the cert itself. After reading Ed Skoudis' book you should have a clear understanding of the hacking methodology, these books will focus the main objectives of the CEH to help you pass the exam. For a detail explaintions on CEH and it's objectives, I recommend (Certified Ethical Hacker Exam Prep (Exam Prep 2)). This is book is far way better compared to EC-Council official courseware. The book help grasps knowledge of network penetration testing skills. Please be advice though, there's lots of typo errors some misinformation. Just read carefully and if you find something that you don't understand or confused about, research your question or post your inquiries to the forums. I did purchase CEH(v5) courseware but I only read half of it because there was to many information to read and for you to remember. It did not help me accept for the lab manual and tools that came with the cd. However, in my exam there were only few tools that I was asked about. The courseware in my oppnion is only good for reference. If you have the money and would like to add it to your library then go ahead and buy it but other than that you can definitely pass the exam without it. The second book focusing on CEH which I highly recommend is the (CEH: Official Certified Ethical Hacker Review Guide: Exam 312-50). This book really narrows down what you need to know to pass the CEH exam. It's concise, covering all exam objectives and it's officially endorsed by EC-Council. This is book is a must have. Some of the practice questions that came with the review guide especially from the cd rom was ask in my exam.

So basically these are the books that I read for the exam. As I was reading these books I created a virtual lab at home and practice the tools mentioned in those books. This will really help for the exam as you will definintly remember the commands and switches when ask in the test. Now even though I created a virtual lab I was compel to enroll the Offensive Security 101 class because of the course price and earning an additional certification just by taking their hacking challenge exam and at the same time practice the tools and methodology for the CEH exam. Man, this couldn't have come in a better time. The Offensive course helped me apply my hacking skills that I learned from reading the aforemention books and from the course itself. I consider this to be the best hacking course out there for the money. For my complete OffSec 101 review please refer to the following link:

As for practice test is concern, I purchased TestKing CEH practice test since I heard good things about it. The product came with 458 312-50 downloadable exam engine and a downloadable, printable exams (in Testking iPad format). This played a big part of me passing the exam as well as practicing the test questions that came with CEH focus exam prep books. The practice tests helped me evaluate my understanding of the material and enforce my preparation for the exam. Check the following for more info:

To sum it up, it took me 8 months of preparation for the CEH(v5) exam via self-study and compared to a boot-camp sessions I know that the majority of the people will choose this route instead. But let me tell you that it is all worth it and I can't tell you how much I learned during the course of my studies. At the end, I earned two certification and only spent less than $800 not counting the official courseware from EC-Council (which really did not help me in this case) and including Offensive Security 101 course. I think you can't go wrong with the strategy that I took. Anyways, I hope this information that I hand before you will help you earn the Certified Ethical Hacker certification and I would once again like to express my gratitute to EH-NET site creator Don and it's wonderful members for an excellente site. Thank you.

Additional info with regards to the CEH(v5) exam:

In the exam I had a lot of questions on snort, nmap, honeypot, firewall and tcpdump logs. Make sure you know how to interpret these. Know how to read code, for instance, C, ASP and bash scripts. There were multiple questions on buffer overflow, SQL injection and such. As for the hacking tools, in my exam there only a few such as nmap, hping, snort command line and ettercap. Just follow the (CEH: Official Certified Ethical Hacker Review Guide: Exam 312-50) and read about the tools described in this book. As a matter of fact, this book really hit the spot and informs you what you should expect from the test. Know your ports such as (21(ftp), 23(telnet), 389(ldap)).

Overall the test was diverse in its entirety in terms of the questions being ask. I considered the CEH(v5) to be a good test.

For all future candidates, good luck

Last edited by blackazarro on Mon May 28, 2007 7:55 am, edited 1 time in total.

Great recap. Although you thanked me in your post (much appreciated BTW), you also thanked the EH-Net community. That's where most of the praise should be directed. If anyone is new to this site, blackazarro is the perfect example of the type of members he himself mentions in his post. He basically gives you a blueprint to pass the CEH v5 exam.

blackazarro wrote:So basically these are the books that I read for the exam. As I was reading these books I created a virtual lab at home and practice the tools mentioned in those books. This will really help for the exam as you will definintly remember the commands and switches when ask in the test.For all future candidates, good luck

Hi Blackasarro,

Firstly congrats on your passing CEH,

Could you give details or setup on what type of virtual lab you set for your practice and workouts....

Iam also in the same learning rope of setting up virtual lab, it would be useful if you could let me know like what you used like Microsoft virtual product or vmware product and number of windows & linux on virtual lab...!

However, instead of using VMware to create the virtual machines I used VMX Builder, a free easy-to-use desktop tool for creating virtual machines. For additional info about this app please refer to the following link:

My virtual lab consist of 2 Windows Server (2000 and 2003), a linux server (Ubuntu 6.10) and my slax client (Backtrack final 2.0) for conducting attacks against these server as well as my Windows XP professional client.

Last edited by blackazarro on Tue May 29, 2007 3:42 pm, edited 1 time in total.

Thats a good line up for your lab and I am glad to see you included Xp pro. Some people make the mistake of having nothing but servers in their test lab and neglect the regular user client. While its true that the server is almost always the end target, sometimes the only way in is to attack a normal user in the network and then after owning that box, attack the server from there. I have known situations where the a workers home computer was first owned and from there the hacker was able to connect to the employees workplace computer. After that, the hacker had full access on the network to begin his attack on the server from the inside which is often easier.

Thanks for your reply, I have started installing VMplayer and knoppix520 (5.2.0) version , it says that vmplayer doesnt support and need advanced player ...a bit literally confused and now trying to download vmplayer 2.0 and reinstall it, in the meantimecould you provide me with which version of linux flavours used in vmplayer....it could be helpful in setting up for me,

When it comes to studying, I'm a bit lazy but I have a good reason for this. I usually work 50 hours a week (sometimes more) and getting to work takes a hour (sometimes 2 depending on traffic). So I don't have a lot of free time to on my hands. However, during the week I always manage to squeeze in 2 hours for studying. In the weekends I usually dedicate my time on other things but if I have some extra free time then I use it for studying.

Books or study guides that ranges from 400 to 600 pages takes me about a month to complete. So let say I have 4 books to read, it usually takes me 4 months to read it.

After reading all the books and doing lab work I devote my time in taking and studying practice tests. I always dedicate 2 weeks for this before taking the exam.

I used this exact methods mentioned above for my Security+ and CEH certs and I had no problems passing the exams on my first try.

Hope this helps.

Last edited by blackazarro on Fri Jun 01, 2007 4:29 pm, edited 1 time in total.

Hey vp75, sorry I didn't see your post until now. As mentioned in Negrita's article on creating your virtual lab, go to http://www.vmware.com/vmtn/appliances/directory/ to look for virtual appliances. There's different variety of linux flavor to choose from so I suggest you check this website and download the distro you're interested in.

Nice post blackazzaro. It's full of excellent info, just what a lot of people here are looking for.BTW, thanks for using my tutorial. I'm glad that someone here got more out of it than just a good read.

CEH, CCSA NG/AI, NNCSS, MCP, MCSA 2003

There are 10 kinds of people, those that understand binary, and those that don't.

blackazarro wrote:Hey vp75, sorry I didn't see your post until now. As mentioned in Negrita's article on creating your virtual lab, go to http://www.vmware.com/vmtn/appliances/directory/ to look for virtual appliances. There's different variety of linux flavor to choose from so I suggest you check this website and download the distro you're interested in.

Thanks for your reply and explanation.I got installed VMPlayer ver 2 and tried knoppix and got error as it didnt come with .iso image file, now downloading it, hope would take another 1hr approx to download 697MB. Regarding virtual appliance i saw one of the link got Hacking and networking security usage & training tool, but OS it says is Suse linux, does it mean it cant be used in Knoppix environment....? (sorry for this dumb question)

Again the scripts whatever we write in linux can it be saved into virtual machine & compile and run it...?

Being on learning rope i hope you guys understand what i am pointing at...

Vp75, it appears that you're a bit confuse and that's ok. I was also confuse when I started to learn about VMware and virtual machines. I encourage you to reread Negrita's article carefully. What ever linux distro you download, you have to use a virtualization software in order to convert it to a virtual machines. Then use the VMware Player to boot-up the linux OS or whatever OS you interested in.

As for the knoppix distro, download the iso image and burned this to a cd. In your burning cd software, make sure to choose the option for burning iso image to a cd. Then use VMware Server or VMX Builder as I mentioned before, to create the virtual machine. This step here is similar to installing a OS on your system but you are doing it virtually. I haven't used knoppix for while but I think this distro does have an option to install it on a hard drive.

After successfully installing knoppix virtually you can add scripts, download applications and configure settings in your virtual machine and this will be saved.

Suse and Knoppix are two different linux distribution, for complete info refer to the following links:

Vp75, if you still having problems in creating and playing virtual machines, I recommend that you check EH-NET forums for any information that will help you on the subject or create a new forum topic so we can address your problems there. I would like to keep this forum topic CEH related ,thanks.